Index: chrome/app/generated_resources.grd |
diff --git a/chrome/app/generated_resources.grd b/chrome/app/generated_resources.grd |
index 2298421f82397a447e13adbd847e4f59c3682f46..94879f71bd928406903cb6767c5a025aa7049a57 100644 |
--- a/chrome/app/generated_resources.grd |
+++ b/chrome/app/generated_resources.grd |
@@ -9700,16 +9700,16 @@ I don't think this site should be blocked! |
</message> |
<message name="IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_NO_CT" desc="The text of the identity section when the page is secure and no Certificate Transparency information is present."> |
- The identity of this website has been verified by <ph name="ISSUER">$1<ex>VeriSign</ex></ph> but does not have public audit records. |
+ The identity of this website has been verified by <ph name="ISSUER">$1<ex>VeriSign</ex></ph>. The certificate does not have signed certificate timestamps. |
Ryan Sleevi
2015/04/30 21:15:56
Do we have any complaints/concerns/questions from
davidben
2015/04/30 21:26:31
+1 that "signed certificate timestamps" is an unhe
lgarron
2015/04/30 22:48:42
First-order issue: I've seen people take the "but"
davidben
2015/04/30 23:19:29
*shrug* Two sentences SGTM.
|
</message> |
<message name="IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_CT_VERIFIED" desc="The text of the identity section when the page is secure and a Signed Certificate Timestamp from a known Certificate Transparency log is present and valid."> |
- The identity of this website has been verified by <ph name="ISSUER">$1<ex>VeriSign</ex></ph> and is publicly auditable. |
+ The identity of this website has been verified by <ph name="ISSUER">$1<ex>VeriSign</ex></ph>. The certificate has valid signed certificate timestamps. |
</message> |
<message name="IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_CT_UNVERIFIED" desc="The text of the identity section when the page is secure and contains a Signed Certificate Timestamp from an unknown Certificate Transparency log."> |
- The identity of this website has been verified by <ph name="ISSUER">$1<ex>VeriSign</ex></ph>, it claims to have public audit records, but the records cannot be verified. |
+ The identity of this website has been verified by <ph name="ISSUER">$1<ex>VeriSign</ex></ph>. The certificate has signed certificate timestamps (SCTs), but the SCTs cannot be verified. |
</message> |
<message name="IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_CT_INVALID" desc="The text of the identity section when the page is secure, but it contains a Signed Certificate Timestamp from a known Certificate Transparency log that failed to verify."> |
- The identity of this website has been verified by <ph name="ISSUER">$1<ex>VeriSign</ex></ph>, but its public audit records failed verification. |
+ The identity of this website has been verified by <ph name="ISSUER">$1<ex>VeriSign</ex></ph>. The certificate has signed certificate timestamps (SCTs), but the SCTs failed verification. |
</message> |
<message name="IDS_PAGEINFO_ADDRESS" desc="Locality as reported in the EV identity text."> |
@@ -9721,16 +9721,16 @@ I don't think this site should be blocked! |
</message> |
<message name="IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_EV_NO_CT" desc="The text of the identity section when the page is secured with an EV cert and no Certificate Transparency information is present."> |
- The identity of <ph name="ORGANIZATION">$1<ex>Google</ex></ph> at <ph name="LOCALITY">$2<ex>Mountain View, CA US</ex></ph> has been verified by <ph name="ISSUER">$3<ex>VeriSign</ex></ph> but does not have public audit records. |
+ The identity of <ph name="ORGANIZATION">$1<ex>Google</ex></ph> at <ph name="LOCALITY">$2<ex>Mountain View, CA US</ex></ph> has been verified by <ph name="ISSUER">$3<ex>VeriSign</ex></ph>. The certificate does not have signed certificate timestamps. |
</message> |
<message name="IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_EV_CT_VERIFIED" desc="The text of the identity section when the page is secured with an EV cert and a Signed Certificate Timestamp from a known Certificate Transparency log is present and valid."> |
- The identity of <ph name="ORGANIZATION">$1<ex>Google</ex></ph> at <ph name="LOCALITY">$2<ex>Mountain View, CA US</ex></ph> has been verified by <ph name="ISSUER">$3<ex>VeriSign</ex></ph> and is publicly auditable. |
+ The identity of <ph name="ORGANIZATION">$1<ex>Google</ex></ph> at <ph name="LOCALITY">$2<ex>Mountain View, CA US</ex></ph> has been verified by <ph name="ISSUER">$3<ex>VeriSign</ex></ph>. The certificate has valid signed certificate timestamps. |
</message> |
<message name="IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_EV_CT_UNVERIFIED" desc="The text of the identity section when the page is secured with an EV cert and contains a Signed Certificate Timestamp from an unknown Certificate Transparency log."> |
- The identity of <ph name="ORGANIZATION">$1<ex>Google</ex></ph> at <ph name="LOCALITY">$2<ex>Mountain View, CA US</ex></ph> has been verified by <ph name="ISSUER">$3<ex>VeriSign</ex></ph>, it claims to have public audit records, but the records cannot be verified. |
+ The identity of <ph name="ORGANIZATION">$1<ex>Google</ex></ph> at <ph name="LOCALITY">$2<ex>Mountain View, CA US</ex></ph> has been verified by <ph name="ISSUER">$3<ex>VeriSign</ex></ph>. The certificate has signed certificate timestamps (SCTs), but the SCTs cannot be verified. |
</message> |
<message name="IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_EV_CT_INVALID" desc="The text of the identity section when the page is secured with an EV cert, but it contains a Signed Certificate Timestamp from a known Certificate Transparency log that failed to verify."> |
- The identity of <ph name="ORGANIZATION">$1<ex>Google</ex></ph> at <ph name="LOCALITY">$2<ex>Mountain View, CA US</ex></ph> has been verified by <ph name="ISSUER">$3<ex>VeriSign</ex></ph>, but its public audit records failed verification. |
+ The identity of <ph name="ORGANIZATION">$1<ex>Google</ex></ph> at <ph name="LOCALITY">$2<ex>Mountain View, CA US</ex></ph> has been verified by <ph name="ISSUER">$3<ex>VeriSign</ex></ph>. The certificate has signed certificate timestamps (SCTs), but the SCTs failed verification. |
</message> |
<message name="IDS_PAGE_INFO_SECURITY_TAB_UNKNOWN_PARTY" desc="The default name used when we did not find a principal name."> |
@@ -9751,19 +9751,19 @@ I don't think this site should be blocked! |
</message> |
<message name="IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_CONNECTION_TEXT" desc="The text of the connection section when the connection is encrypted."> |
- Your connection to <ph name="DOMAIN">$1<ex>www.google.com</ex></ph> is encrypted with modern cryptography. |
+ Your connection to <ph name="DOMAIN">$1<ex>www.google.com</ex></ph> is encrypted with a modern protocol and cipher suite. |
davidben
2015/04/30 21:26:31
This message doesn't currently have anything to do
lgarron
2015/04/30 22:48:42
Our logic actually checks the TLS version explicit
davidben
2015/04/30 23:19:29
Interesting. Talking about versions is, I think, u
|
</message> |
<message name="IDS_PAGE_INFO_SECURITY_TAB_WEAK_ENCRYPTION_CONNECTION_TEXT" desc="The text of the connection section when the connection uses weak encryption."> |
- Your connection to <ph name="DOMAIN">$1<ex>www.google.com</ex></ph> is encrypted with obsolete cryptography. |
+ Your connection to <ph name="DOMAIN">$1<ex>www.google.com</ex></ph> is encrypted with a deprecated protocol or cipher suite. |
davidben
2015/04/30 21:26:30
"deprecated" elsewhere in Chrome has usually refer
lgarron
2015/04/30 22:48:42
And "obsolete" usually means it's gone. :-P
Got a
davidben
2015/04/30 23:19:29
Hrm. That's true, we did use that word for SSL 3.
|
</message> |
<message name="IDS_PAGE_INFO_SECURITY_TAB_NOT_ENCRYPTED_CONNECTION_TEXT" desc="The text of the connection section when the connection is not encrypted."> |
Your connection to <ph name="DOMAIN">$1<ex>www.google.com</ex></ph> is not encrypted. |
</message> |
<message name="IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_INSECURE_CONTENT_WARNING" desc="Some extra text of the connection section when the connection is encrypted and the page contains insecure content which has been displayed (e.g. images, CSS)."> |
- However, this page includes other resources which are not secure. These resources can be viewed by others while in transit, and can be modified by an attacker to change the look of the page. |
+ Further, this page includes other resources which are not secure. These resources can be viewed by others while in transit, and can be modified by an attacker to change the look of the page. |
</message> |
<message name="IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_INSECURE_CONTENT_ERROR" desc="Some extra text of the connection section when the connection is encrypted and the page contains insecure content which has been run (e.g. script)."> |
- However, this page includes other resources which are not secure. These resources can be viewed by others while in transit, and can be modified by an attacker to change the behavior of the page. |
+ Further, this page includes other resources which are not secure. These resources can be viewed by others while in transit, and can be modified by an attacker to change the behavior of the page. |
</message> |
<message name="IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_SENTENCE_LINK" desc="Linking 2 sentences in 1 paragraph."> |
<ph name="SENTENCE1">$1<ex>Your connection is encrypted.</ex></ph> <ph name="SENTENCE2">$2<ex>However, this page includes resources from other pages whose identity cannot be verified.</ex></ph> |
@@ -9772,7 +9772,7 @@ I don't think this site should be blocked! |
The connection uses <ph name="SSL_VERSION">$1<ex>TLS 1.0</ex></ph>. |
</message> |
<message name="IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTION_DETAILS" desc="This message gives details of the cryptographic primitives used to protect the HTTPS connection."> |
- The connection is encrypted using <ph name="CIPHER">$1<ex>AES_128</ex></ph>, with <ph name="MAC">$2<ex>SHA1</ex></ph> for message authentication and <ph name="KX">$3<ex>RSA</ex></ph> as the key exchange mechanism. |
+ The connection is encrypted using <ph name="CIPHER">$1<ex>AES_128</ex></ph>, with <ph name="MAC">$2<ex>HMAC-SHA1</ex></ph> for message authentication and <ph name="KX">$3<ex>RSA</ex></ph> as the key exchange mechanism. |
</message> |
<message name="IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTION_DETAILS_AEAD" desc="This message gives details of the cryptographic primitives used to protect the HTTPS connection. It should be translated in a similar manner as IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTION_DETAILS"> |
The connection is encrypted and authenticated using <ph name="CIPHER">$1<ex>AES_128_GCM</ex></ph> and uses <ph name="KX">$2<ex>RSA</ex></ph> as the key exchange mechanism. |